From: Frank Filz Date: Mon, 18 May 2009 21:41:40 +0000 (-0400) Subject: nfs: Fix NFS v4 client handling of MAY_EXEC in nfs_permission. X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=7ee2cb7f32b299c2b06a31fde155457203e4b7dd;p=GitHub%2FLineageOS%2FG12%2Fandroid_kernel_amlogic_linux-4.9.git nfs: Fix NFS v4 client handling of MAY_EXEC in nfs_permission. The problem is that permission checking is skipped if atomic open is possible, but when exec opens a file, it just opens it O_READONLY which means EXEC permission will not be checked at that time. This problem is observed by the following sequence (executed as root): mount -t nfs4 server:/ /mnt4 echo "ls" >/mnt4/foo chmod 744 /mnt4/foo su guest -c "mnt4/foo" Signed-off-by: Frank Filz Signed-off-by: Trond Myklebust Cc: stable@kernel.org Tested-by: Eugene Teo Signed-off-by: Linus Torvalds --- diff --git a/fs/nfs/dir.c b/fs/nfs/dir.c index 370b190a09d1..89f98e9a024b 100644 --- a/fs/nfs/dir.c +++ b/fs/nfs/dir.c @@ -1943,7 +1943,8 @@ int nfs_permission(struct inode *inode, int mask) case S_IFREG: /* NFSv4 has atomic_open... */ if (nfs_server_capable(inode, NFS_CAP_ATOMIC_OPEN) - && (mask & MAY_OPEN)) + && (mask & MAY_OPEN) + && !(mask & MAY_EXEC)) goto out; break; case S_IFDIR: